Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b35035bbd115f5f28813d27c854f5bf0N.exe
-
Size
33KB
-
Sample
240818-a2kv4awcpg
-
MD5
b35035bbd115f5f28813d27c854f5bf0
-
SHA1
14a3982401ea7bb7070763854fa3f26165b0364d
-
SHA256
693219a75775769bc379b9179c3e7e87fe9058d9e10acf15372657a37df7f3f1
-
SHA512
aaf62b99ad99ee085f62b172588354ba33abddc3bbf32c2d3e4c3211aa848fbe1de1631425074bb4178d2a77e9d77d0c0878f0f27ecf14f75a2655a144287b3b
-
SSDEEP
768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzKO5/V:QuQRylaUDTDxDXjy6AB7koYy2T/
Behavioral task
behavioral1
Sample
b35035bbd115f5f28813d27c854f5bf0N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b35035bbd115f5f28813d27c854f5bf0N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b35035bbd115f5f28813d27c854f5bf0N.exe
-
Size
33KB
-
MD5
b35035bbd115f5f28813d27c854f5bf0
-
SHA1
14a3982401ea7bb7070763854fa3f26165b0364d
-
SHA256
693219a75775769bc379b9179c3e7e87fe9058d9e10acf15372657a37df7f3f1
-
SHA512
aaf62b99ad99ee085f62b172588354ba33abddc3bbf32c2d3e4c3211aa848fbe1de1631425074bb4178d2a77e9d77d0c0878f0f27ecf14f75a2655a144287b3b
-
SSDEEP
768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzKO5/V:QuQRylaUDTDxDXjy6AB7koYy2T/
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1